The average cost of a data breach for US organizations climbed to a record 10.22 million dollars, according to IBM's Cost of a Data Breach research, even as the global average fell to 4.44 million dollars, a 9 percent decline from 4.88 million dollars the prior year. The split shows how sharply breach economics diverge between the United States and the rest of the world.

Artificial intelligence figured prominently in the findings, on both sides of the ledger. Organizations using AI and automation extensively in their defenses paid 3.62 million dollars per breach, compared with 5.52 million dollars for those that did not, a 34 percent reduction. The mean time to identify and contain a breach fell to 241 days, the lowest in nine years.

The data also exposed governance gaps in how companies deploy AI. Thirteen percent of organizations reported breaches of their AI models or applications, while another 8 percent said they did not know whether such a compromise had occurred. Among organizations that experienced an AI related security incident, 97 percent reported lacking proper AI access controls.

Unsanctioned tools added further cost. A high level of shadow AI, where employees use unapproved internet based AI tools, added an extra 670,000 dollars to the global average breach cost. Taken together, the figures describe a landscape where AI strengthens defense when governed well, yet creates fresh exposure when adopted without controls. The reliability and security of AI deployments increasingly shapes the financial stakes of a breach.

Source: IBM - https://www.ibm.com/think/x-force/2025-cost-of-a-data-breach-navigating-ai